ab3e9253926b1d9cd7d1fcd1ba7e4af30dd0bc5744bc5e10d839026c36a0f324 | Triage

Analysis

max time kernel
121s
max time network
130s
platform
windows7_x64
resource
win7-20241023-en
resource tags

arch:x64arch:x86image:win7-20241023-enlocale:en-usos:windows7-x64system
submitted
26/01/2025, 18:16

Sharing

Report Analysis Logs

General

Target

game.rar
Size

198.7MB
MD5

11b59748521bf070a175100b48b3d9ca
SHA1

97aee524b1817f588a966678550dfef42dfa4249
SHA256

ab3e9253926b1d9cd7d1fcd1ba7e4af30dd0bc5744bc5e10d839026c36a0f324
SHA512

aa0963081325c73f1730aa848be4a3b1a5bb2cf7d5746eaea820f397e2855e37ab16b42fa00fecfda46322b0e5f7ea35db3aaf5ed572fd122821fed1fd936c62
SSDEEP

6291456:2+zTDyw0wl+Ln4jaIqfqvKwlnItIn+wMXPy:2UDy59nGtqf3wAInsy

Score

1^/10

Malware Config

Signatures

Suspicious use of AdjustPrivilegeToken 2 IoCs

description	pid	Process
Token: SeRestorePrivilege	1736	7zFM.exe
Token: 35	1736	7zFM.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
1736	7zFM.exe

C:\Program Files\7-Zip\7zFM.exe
"C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\AppData\Local\Temp\game.rar"
1⤵
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
PID:1736

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads